This reporting period is dominated by two converging attack patterns: adversary-controlled software supply chain compromise targeting CI/CD pipelines, package registries, and trusted update channels; and active exploitation of critical vulnerabilities in perimeter and endpoint management infrastructure. Three of six items involve state-sponsored or financially motivated threat actors (TeamPCP, BlueNoroff/UNC1069, Chinese-nexus) weaponizing the software supply chain against technology, government, and financial sectors. Immediate action is required on the Axios npm compromise (active RAT deployment, 400M download base), the TrueConf CVE-2026-3502 (CISA KEV confirmed, active exploitation), and the Fortinet FortiClient EMS SQL injection (CVSS 9.8, active exploitation reported); the Citrix NetScaler CVE-2026-3055 (EPSS 97th percentile) requires urgent reconnaissance detection and patch readiness now.